IIS SystemException: The trust relationship between the primary domain and the trusted domain failed
Trust relationship between ... and the primary domain failed in MVC5 AuthenticationQuestions : Trust relationship between ... and the primary domain failed in MVC5 Authentication2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00 Show
843 I have a ASP .NET MVC5 application in which anycodings_asp.net-identity I am not using Windows Authentication. Everything was working fine until I tried anycodings_asp.net-identity running the application outside of the anycodings_asp.net-identity Domain in which it was being developed and anycodings_asp.net-identity (for whatever reason) got a: The trust relationship between this workstation and the primary domain failed.when I'm trying to do anycodings_asp.net-identity User.IsInRole("Admin"). I am using custom Identity, Role, anycodings_asp.net-identity IdentityStore, RoleStore, etc. from .NET's anycodings_asp.net-identity Identity and I can see that the User and anycodings_asp.net-identity Role data is being retrieved from the anycodings_asp.net-identity (MongoDB) database correctly. There are plenty of questions regarding this anycodings_asp.net-identity issue, but they're from people who want to anycodings_asp.net-identity use Windows Auth. and impersonation in their anycodings_asp.net-identity MVC applications:
So why exactly am I getting this anycodings_asp.net-identity SystemException if I'm not using Active anycodings_asp.net-identity Directory and (as far as I know) not doing anycodings_asp.net-identity anything that might depend on the PC's anycodings_asp.net-identity domain? Am I missing some configuration anycodings_asp.net-identity (either in my Web.config or IIS Express)? EDIT:Ok, so narrowing it down a bit... My User.IsInRole("Admin") line is inside an anycodings_asp.net-identity if() statement in my _Layout.cshtml View anycodings_asp.net-identity (i.e., to know what to show in the nav. bar anycodings_asp.net-identity depending on the role). I now know I only get the error above when anycodings_asp.net-identity no user is authenticated and I'm not in the anycodings_asp.net-identity domain I used for dev. If I place a anycodings_asp.net-identity breakpoint on that line, I can see that the anycodings_asp.net-identity User object is is a anycodings_asp.net-identity System.Security.Principal.WindowsIdentity anycodings_asp.net-identity and its underlying Identity is anycodings_asp.net-identity System.Security.Principal.WindowsIdentity. On the other hand, if the user is anycodings_asp.net-identity authenticated, then the User object and ts anycodings_asp.net-identity Identity are anycodings_asp.net-identity System.Security.Claims.ClaimsPrincipal and anycodings_asp.net-identity System.Security.Claims.ClaimsIdentity. Why is it using Windows Identity at all anycodings_asp.net-identity (when unauthenticated) and how can I disable anycodings_asp.net-identity it? Total Answers 10 24 Answers 1 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationSo, based on my EDIT, I've modified my anycodings_asp.net _Layout.cshtml so that instead of having @if(User.IsInRole("Admin")) {...}I have @if(User.Identity.IsAuthenticated && User.IsInRole("Admin")) {...}which seems to solve the problem. I believe the problem was that ASP .NET anycodings_asp.net Identity uses an empty WindowsIdentity anycodings_asp.net when no user is authenticated and when I anycodings_asp.net try to check for the User.IsInRole, then anycodings_asp.net it will try to check the roles of a anycodings_asp.net WindowsIdentity against an Active anycodings_asp.net Directory that I don't have. Obviously I anycodings_asp.net should first check if the user is even anycodings_asp.net logged in before attempting to check its anycodings_asp.net roles, so mea culpa. But, even though the change above seems anycodings_asp.net to fix my code, I'd be very interested anycodings_asp.net in knowing more about this behavior: why anycodings_asp.net is it using an empty anycodings_asp.net System.Security.Principal.WindowsIdentity anycodings_asp.net when no user is authenticated. I'll anycodings_asp.net accept any answer which explains that. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link mRahman 1 Answers 2 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationI've had this issue - It failed for me anycodings_asp.net if I tested an active directory group anycodings_asp.net that didn't exist. Make sure you're using a group that anycodings_asp.net exists! 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link raja 2 Answers 3 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationI was having this issue with Asp.Net anycodings_asp.net Core 3.1 with Windows Authentication, anycodings_asp.net but this thread came up first when anycodings_asp.net searching the internet. I ended up anycodings_asp.net resolving the issue by decorating the anycodings_asp.net controller class declaration with the anycodings_asp.net following: using Microsoft.AspNetCore.Authorization; [Authorize] public class SetupController : ControllerHope this is helpful for someone that is anycodings_asp.net using Windows Authentication and is anycodings_asp.net having the same error. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link miraj 6 Answers 4 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationWe were having this same issue on a new anycodings_asp.net production server. Using the Identity anycodings_asp.net Framework and restricting access to a anycodings_asp.net specific directory with a web.config anycodings_asp.net file denying any unauthenticated users. anycodings_asp.net When unauthenticated users tried to anycodings_asp.net access a page in this directory that anycodings_asp.net contained any User.IsInRole("RoleName") anycodings_asp.net code, they were getting the "Trust anycodings_asp.net relationship..." error. None of the fixes mentioned in other SO anycodings_asp.net answers worked for us. Turns out we just had to enable Forms anycodings_asp.net Authentication in IIS - problem solved. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link miraj 2 Answers 5 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationThe "trust relationship between the anycodings_asp.net primary domain and the workstation has anycodings_asp.net failed" error message usaully requires anycodings_asp.net that the computer be removed from the anycodings_asp.net domain and then rejoined. Now there are anycodings_asp.net a few ways to do this. As included in anycodings_asp.net the link above, are instructions on how anycodings_asp.net to do so either on the computer anycodings_asp.net displaying the error or remotely. You anycodings_asp.net can also do so in Active Directory and anycodings_asp.net in PowerShell. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link jidam 6 Answers 6 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link miraj 5 Answers 7 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationI've just resolved this in our systems, anycodings_asp.net unfortunately, none of the other anycodings_asp.net suggestions worked for me. The issue was anycodings_asp.net caused by an orphaned SID in a network anycodings_asp.net folder the code was attempting to anycodings_asp.net access. Once removed it started working anycodings_asp.net again. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link miraj 3 Answers 8 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationI had exactly the same scenario with anycodings_asp.net custom Authentication Module and the anycodings_asp.net same error when doing IsInRole. The anycodings_asp.net highest ranking solution anycodings_asp.net (User.Identity.IsAuthenticated anycodings_asp.net && ...) did NOT help. So, I anycodings_asp.net played quite a bit with it. Finally I anycodings_asp.net found that I had to remove a anycodings_asp.net (preCondition="managedHandler") anycodings_asp.net attribute from my module declaration in anycodings_asp.net web.config file. So, instead of: I would have to have: That did the trick for me! 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link miraj 4 Answers 9 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationFor me, the whole membership provider anycodings_asp.net configuration tags were missing. After i anycodings_asp.net copy those from one our previous apps, anycodings_asp.net it worked fine. 0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link jidam 3 Answers 10 : of Trust relationship between ... and the primary domain failed in MVC5 AuthenticationOn my case, I am not using anycodings_asp.net User.Identity but rather anycodings_asp.net Thread.CurrentPrincipal.Identity.Name So when I approach this line of code: Thread.CurrentPrincipal.IsInRole("admin");That's where I will encounter the same anycodings_asp.net error message of: The trust relationship between this anycodings_asp.net workstation and the primary domain anycodings_asp.net failed. There are two cases why I encountered anycodings_asp.net the same issue and of course the fixes I anycodings_asp.net made:
0 2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link joy How do you fix the trust relationship between the primary domain and the trusted domain failed?Resolution. To resolve this issue, remove the computer from the domain, and then connect the computer to the domain. Use a local administrator account to log on to the computer.
How do you fix a broken trust relationship within a domain?Here is the classical way to repair trust relationship between the computer and domain:. Reset the computer account in AD;. Move the computer from the domain to a workgroup under the local administrator;. Reboot;. Rejoin the computer to the domain;. Restart the computer again.. What causes the trust relationship between this workstation and the primary domain failed?“The trust relationship between this workstation and the primary domain failed” Error Message. When an AD domain no longer trusts a computer, chances are it's because the password the local computer has does not match the password stored in Active Directory. The two passwords must be in sync for AD to trust a computer.
How do you find the relationship between trusts and domains?You can do this with the same utility that is used to create the trust.. Open Active Directory Domains and Trusts.. Open the properties of the domain that contains the trust you are looking to verify.. Under the trusts tab, select the trust and select properties.. Click the validate button.. |
